Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from setting the fc-fsprivate pointer to NULL in ntfsfillsuper without releasing the memory it points...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-40706)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-40706 advisory. - In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in...

CVE-2026-40706

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...

CVE-2025-71267

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...

Windows NTFS Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

EUVD-2025-34421

Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally...

CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...

Linux Distros Unpatched Vulnerability : CVE-2025-37806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user...

The vulnerability of the NTFS file system of the Windows operating system, which allows a hacker to execute arbitrary code

The vulnerability of the NTFS file system in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code...

Microsoft Windows NTFS 缓冲区错误漏洞

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing, and logging capabilities. A buffer error vulnerability exists in Microsoft Windows NTFS. The following products and editions are affected:Windows 10 Version...

The vulnerability of the `ntfs_get_block_vbo()` function in the `fs/ntfs3/inode.c` module of the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the ntfsgetblockvbo function in the fs/ntfs3/inode.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the NTFS file system of the Windows operating system, which allows a perpetrator to disclose protected information

The vulnerability of the NTFS file system in Windows operating systems is related to the disclosure of password values in the log files. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by these files...

PT-2025-8486 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the fs/ntfs3 module. The issue arises when the NTFS BOOT sectors per clusters field has a value greater than 0x80...

AZL-53093 CVE-2024-50244 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in niclear Checking of NTFSFLAGSLOGREPLAYING added to prevent access to uninitialized bitmap during replay process...

CVE-2024-50244 fs/ntfs3: Additional check in ni_clear()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional check in niclear Checking of NTFSFLAGSLOGREPLAYING added to prevent access to uninitialized bitmap during replay process...

The vulnerability of the NTFS handler in the NtfsHandler.cpp file of the 7-Zip archive viewer allows a hacker to execute arbitrary code.

The vulnerability of the NTFS handler in the NtfsHandler.cpp file of the 7-Zip archive creator is related to the possibility of buffer overflow attacks. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Microsoft Windows NTFS 资源管理错误漏洞

Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-repair, and logging capabilities. A resource management error vulnerability exists in Microsoft Windows NTFS. The following products and versions are affected:Window...

Palo Alto Networks PAN-OS 8.1.x < 8.1.24 / 9.0.x < 9.0.17 / 9.1.x < 9.1.15-h1 / 10.0.x < 10.0.12 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.24 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.15-h1 or 10.0.x prior to 10.0.12. It is, therefore, affected by a vulnerability. - A vulnerability in Palo Alto Networks PAN-OS software enables a remote...

Police investigate sexual assault on an avatar

British police are investigating a case involving a virtual sexual assault of a girls avatar. Even though there was no physical violence involved the incident will be investigated as it has caused psychological trauma. By definition, an avatar is a virtual representation of a user and is driven b...

CVE-2023-4692 Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...